Comments (6)
This seems like a reasonable requirement... I had planned on adding it and will
work on doing so now.
Original comment by [email protected]
on 30 Jun 2010 at 3:19
- Changed state: Accepted
- Added labels: Type-Enhancement
- Removed labels: Type-Defect
from pulledpork.
Oops, should have made this an enhancement. It doesn't look like I have
permission to fix it now, or can't figure out how if I do.
Original comment by [email protected]
on 30 Jun 2010 at 3:23
from pulledpork.
Our messages crossed in the ether, thanks for the quick response, and great
work on PP.
Original comment by [email protected]
on 30 Jun 2010 at 3:24
from pulledpork.
Not a problem! I'm sure you are aware that you will need to run pp 2x to
achieve what you want now... one to get the first set of rules.. and the second
to get the second.. while referencing the first set's rules file as a "local"
rules file so that the sid-msg.map is fully populated.
JJC
Original comment by [email protected]
on 30 Jun 2010 at 3:28
from pulledpork.
Ok, check out what's in SVN now.. it should do the trick for you... Of course
specifying any type of base policy (security, balanced, connectivity) will
render the ET rules disabled, unless you specify some pcre foo in
enablesid.conf ;-) Please test and let me know what you think.
You will need to note the changes in pulledpork.conf!
Original comment by [email protected]
on 30 Jun 2010 at 7:50
- Changed state: Fixed
from pulledpork.
JJ: That was pretty ridiculously fast. I looked through the changes and they
look reasonable, I'll give the code a go on my test snort instance in the next
week or so.
You might consider labeling this as a 0.5.0 release instead of 0.4.x if it
breaks config-file compatibility. I wasn't able to follow on a quick
read-through whether base_url and rule_file would still work if they were
specified instead of the new rule_url option. I'll give it a test when I try
the code out shortly.
Original comment by [email protected]
on 30 Jun 2010 at 8:59
from pulledpork.
Related Issues (20)
- Unable to pull down emergingthreatspro rules list HOT 8
- Unable to download Suricata rules HOT 2
- Version 8 - Error: does not exist, please create this directory HOT 15
- Barnyard2 hangs on the sid file created with pulledpork using: sid_msg_version=2 HOT 3
- snort.rules not created HOT 4
- Windows path issue when running pulledpork
- Modifysid doesn't modify rules HOT 5
- 422 Unprocessable Entity HOT 6
- ERROR: can't set --dump-dynamic-rules /tmp/tha_rules/so_rules/ and no rules are being imported. HOT 10
- Unknown regexp modifier HOT 5
- Unable to process shared object rules for a previous version of snort3 HOT 2
- Snort3 - 422 Unprocessable Entity when trying to download rules HOT 3
- An error occurred: ERROR: /etc/snort//etc/snort/rules/app-detect.rules(0) Unable to open rules file "/etc/snort//etc/snort/rules/app-detect.rules": No such file or directory. HOT 1
- This is happening in Windows with latest release
- a lots of errors HOT 1
- Issuing reputation socket reload command - (Error) ?
- few of rules downloaded HOT 3
- IP Blocklists are not processed when -n flag is set
- Dolibarr v17.02 - Receipt Printer Issue HOT 2
- 422 Unprocessable Entity [ 422 ], Using the oinkcode provided by snort? HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from pulledpork.